United States Patent and Trademark Ofhce 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark OtBce 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. | FILING DATE | FIRST NAMED INVENTOR | ATTORNEY DOCKET NO. | CONFIRMATION NO. 

10/788,939 02/27/2004 Sergey Shokhor 08204/0200872-USO 9204 



38878 7590 03/18/2008 

F5 Networks, Inc. 

c/o darby & DARBY P.C. 

P.O. BOX 770 

Church Street Station 

NEW YORK, NY 10008-0770 



EXAMINER 
JEAN.FRANTZB 



ART UNIT I PAPER NUMBER 

2154 



MAIL DATE | DELIVERY MODE 

03/18/2008 PAPER 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



KJttiVrXi nvrliyjts OUff Iff fcff Jr 


Application No. 

10/788,939 


Applicant(s) 

SHOKHOR, SERGEY 


Examiner 

Frantz B. Jean 


Art Unit 
2154 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
eamed patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 27 February 2004 . 
2a )□ This action is FINAL. 2b)|3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-39 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) IEI Claim(s) ±:39 is/are rejected. 
/)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held In abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attach ment(s) 

1 ) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/IVIail Date. 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 



PTOL-T26'(Rev^'o8-0^^ 



Office Action Summary 



Part of Paper No./Mail Date 20080302 



Application/Control Number: 10/788,939 
Art Unit: 2154 



Page 2 



DETAILED ACTION 

This a first office action in response to application for patent filed on 02/27/04. Claims 1- 
39 are presented for examination. 

Claim Rejections - 35 USC § 102 

The following Is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

Claims 1-39 are rejected under 35 U.S.C. 102(e) as being anticipated by Albert 
et al. hereinafter "Albert US PUB Number 2003/0177389. 

As per claim 1 , Albert teaches an apparatus for managing access to a resource over a 
network, comprising: 

a transceiver (fig 3; client/server communication; 0072) arranged to receive a request 
for access to the resource from a client device; and an integrity management 
component, coupled to the transceiver, that is arranged to perform actions (fig 4, 423; 
par 0073-0074; 0077), including: 

providing a component to the client device (fig 4); employing the component to gather 
integrity information associated with the client device, wherein the integrity information 
is gathered at a plurality of times (par 0077-0078); forwarding the integrity information to 
the apparatus; applying a dynamic policy for access to the resource based, in part, on 
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the forwarded integrity information (par 0077-0081); and if tlie applied policy indicates a 
change in an integrity of the client device, performing a response based, in part, on the 
applied policy (fig 4; par 0097-0099; 0078-0080). 

As per claim 2, Albert teaches an apparatus of claim 1 , wherein the policy is 
manageable through a user interface at the apparatus (par 0077-0080). 

As per claim 3, Albert teaches an apparatus of claim 1 , wherein the integrity information 
further comprises an indicator that at least one of an antivirus product is enabled on the 
client device, a network sniffer is enabled, a screen scraper is enabled, a cracker tool is 
enabled, a hacker tool is enabled, a firewall is enabled, a security application is 
enabled, and a client certificate is available on the client device (fig 4; par 0074-0075). 

As per claim 4, Albert teaches an apparatus of claim 1 , wherein the integrity information 
further comprises a version indicator associated with at least one of an application, a 
process, and an operating system (par 0072-0075). 

As per claim 5, Albert teaches an apparatus of claim 1 , wherein the integrity information 
further comprises at least one of information associated with a process currently 
enabled on the client device, information associated with a sequence of system calls, 
and whether a predetermined file has been modified (par 0080; 0061-0063). 
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As per claim 6, Albert teaches an apparatus of claim 1 , wherein the integrity information 
is gathered at a predetermined rate comprising at least one of a periodic rate, a random 
rate, and an aperiodic rate (par 0077-0083; 0085). 

As per claim 7, Albert teaches an apparatus of claim 1 , further comprising: 
sending a query request to the client device for selected information 
about the integrity of the client device (par 0072-0075). 

As per claim 8, Albert teaches an apparatus of claim 1 , wherein forwarding the integrity 
information further comprises at least one of compressing, and encrypting the integrity 
information (0023 and 0085). 

As per claim 9, Albert teaches an apparatus of claim 1 , wherein the performed response 
further comprises at least one of denying access to the resource, terminating a 
connection, and restricting access to the resource (0049, 0052, 0078, 0103, and 0105). 

As per claim 10, Albert teaches an apparatus of claim 1 , wherein the performed 
response further comprises providing a higher level of access to the resource (par 0078 
and 0081). 

As per claim 1 1 , Albert teaches gathering integrity information in response to a 
predetermined event (par 0085). 
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As per claim 12, Albert teaches a method of managing access to a resource over a 
network, comprising: 

receiving a request for access to the resource from a client device (fig 3; client/server 
communication; 0072); receiving a first integrity information associated with the client 
device (fig 4; par 0072-0075); evaluating one or more policies for access based, in part, 
on the first integrity information (0077-0080); receiving a second integrity information 
associated with the client device (fig 4; par 0074-0077); evaluating one or more policies 
for access based, in part, on the second integrity information (par 0072-0077); and 
performing a response based, in part, on a difference between the first integrity 
information and the second integrity information (par 0077-0081 ). 
As per claims 13-24, they have already been discussed in claims 1-12 above, therefore, 
they are rejected under the same rationale. 

As per claim 25, Albert teaches a system for managing access to a resource over a 
network, comprising: 

a client device configured to request access to the resource (fig 3-4); and 

a server (fig 3-4), coupled to the client device that is configured to perform actions, 

including: 

receiving the request for access from a client device (fig 3; client/server communication; 
0072); providing a component to the client device (fig 3-4; par 0072-0075); employing 
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the component to gather integrity information associated with the client device, wherein 
the integrity information is gathered at a predetermined rate (0077-0081 and 0085); 
receiving the integrity information at the predetermined rate from the component; 
applying a dynamic policy for access based, in part, on the forwarded integrity 
information (0077-0083 and 0085); and if the applied policy indicates a change in an 
integrity of the client device, performing a response based, in part, on the applied policy 
(par 0072-0083). 

Claims 26-34 have already been discussed in the rejection of claims 1-12 and 25 
above. Therefore, they are rejected under the same rationale. 

As per claim 35, Albert discloses a secure socket layer (par 0065 and 0071 ). 

As per claim 36, Albert teaches an apparatus of claim 31 , further comprising logic for 
enabling the secure communication access through a virtual private network employing 
Internet Protocol Security (IPSec) (par 006, 0068 and 0071). 

Claims 37-39 have already been discussed in the rejection of claims 1-12, 25 and 35-36 
above. Therefore, they are rejected under the same rationale. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Frantz B. Jean whose telephone number is 571-272- 
3937. The examiner can normally be reached on 8:30-6:00 M-f. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan J. Flynn can be reached on 571-272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Frantz B. Jean/ 

Primary Examiner, Art Unit 2154 



